Beispiel #1
def prep_comments():
    """
    Normalise the ``url_key`` field of stored comments.

    Two passes run over the comments collection:

    1. Comments whose ``url_key`` is stored as BSON type 7 (ObjectId) get
       the ``str()`` of that value written back.
    2. Campaign comments that have no ``url_key`` at all get the ``name``
       of the campaign referenced by their ``obj_id``.

    Each pass prints how many comments it updated.
    """

    def _store_url_key(comment_id, value):
        # Single place that writes the corrected key back to the comment.
        mongo_update(col,
                     {'_id': ObjectId(comment_id)},
                     {'$set': {'url_key': value}})

    print("Adjusting comment url_keys...")
    col = settings.COL_COMMENTS

    # Pass 1: url_key values of BSON type 7 become plain strings.
    fixed = 0
    for comment in mongo_find(col, {'url_key': {'$type': 7}}):
        comment_id = comment['_id']
        _store_url_key(comment_id, str(comment['url_key']))
        fixed += 1
    print("Fixed %s comments, correcting ObjectId url_key!\n" % fixed)

    # Pass 2: Campaign comments without a url_key inherit the campaign name.
    # Comments whose campaign cannot be found are left untouched and are not
    # counted.
    missing_key = {'obj_type': "Campaign", "url_key": {'$exists': 0}}
    fixed = 0
    for comment in mongo_find(col, missing_key):
        comment_id = comment['_id']
        campaign = mongo_find_one(settings.COL_CAMPAIGNS,
                                  {"_id": comment['obj_id']})
        if campaign:
            _store_url_key(comment_id, campaign['name'])
            fixed += 1
    print("Fixed %s comments, correcting url_key based on obj_id!\n" % fixed)
Beispiel #2
def prep_comments():
    """
    Repair comment ``url_key`` values as part of a data migration.

    First, every comment whose ``url_key`` has BSON type 7 (ObjectId) is
    rewritten so the field holds the string form of that value. Then every
    Campaign comment lacking a ``url_key`` is given the ``name`` of the
    campaign its ``obj_id`` points at. A count is printed after each step.
    """

    print("Adjusting comment url_keys...")
    collection = settings.COL_COMMENTS

    # Step 1: replace ObjectId-typed url_keys with their string form.
    objectid_keyed = mongo_find(collection, {'url_key': {'$type': 7}})
    converted = 0
    for doc in objectid_keyed:
        doc_id = doc['_id']
        replacement = {'$set': {'url_key': str(doc['url_key'])}}
        mongo_update(collection, {'_id': ObjectId(doc_id)}, replacement)
        converted += 1
    print("Fixed %s comments, correcting ObjectId url_key!\n" % converted)

    # Step 2: derive the missing url_key from the referenced campaign.
    unkeyed = mongo_find(collection,
                         {'obj_type': "Campaign", "url_key": {'$exists': 0}})
    derived = 0
    for doc in unkeyed:
        doc_id = doc['_id']
        campaign = mongo_find_one(settings.COL_CAMPAIGNS,
                                  {"_id": doc['obj_id']})
        if not campaign:
            # No matching campaign: the comment keeps its missing url_key.
            continue
        replacement = {'$set': {'url_key': campaign['name']}}
        mongo_update(collection, {'_id': ObjectId(doc_id)}, replacement)
        derived += 1
    print("Fixed %s comments, correcting url_key based on obj_id!\n" % derived)
Beispiel #3
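    def run(self, argv):
        """
        Parse command-line options and run the selected services against
        the selected samples.

        Services come from ``-t``/``-e`` (via ``get_service_list``) or from
        the comma-separated ``-s`` list. Samples come from the ``-f`` query
        filter and/or a single ``-m`` MD5; when both are given the MD5
        selection replaces the filter results. ``run_services`` is only
        called when both a service list and a sample list were produced.

        :param argv: argument list handed to ``OptionParser.parse_args``.
        :returns: None. Returns early, after printing a message, when the
                  filter is not a valid dictionary literal or the MD5
                  cannot be resolved to an object.
        """
        parser = OptionParser()
        parser.add_option('-l', '--list', dest='list_services',
                          action='store_true', default=False,
                          help='List available services')
        parser.add_option('-t', '--triage', dest='triage',
                          action='store_true', default=False,
                          help='Run all triage services')
        parser.add_option('-e', '--enabled', dest='enabled',
                          action='store_true', default=False,
                          help='Run all enabled services')
        parser.add_option('-s', '--services', dest='services',
                          help='Service list')
        parser.add_option('-v', '--verbose', dest='verbose',
                          action='store_true', default=False,
                          help='Verbose mode')
        parser.add_option('-f', '--filter', dest='sample_filter',
                          help='Sample query filter')
        parser.add_option('-m', '--md5', dest='md5',
                          help='md5 of sample')
        parser.add_option('-F', '--force', dest='force',
                          action='store_true', default=False,
                          help='Force run')
        (opts, _args) = parser.parse_args(argv)

        service_list = []
        sample_list = []
        if opts.list_services:
            self.list_available_services()
        if opts.triage or opts.enabled:
            service_list = self.get_service_list(opts.triage, opts.enabled)
            if opts.verbose:
                self.print_running_services(service_list)
        elif opts.services:
            service_list = opts.services.split(',')
            if opts.verbose:
                self.print_running_services(service_list)
        if opts.sample_filter:
            # literal_eval accepts Python literals only, so the filter text
            # is never executed as code. The parsed value is still handed to
            # mongo_find unchanged, query operators included, so -f has to be
            # treated as input from a trusted operator.
            try:
                query = ast.literal_eval(opts.sample_filter)
            except (ValueError, SyntaxError, TypeError) as err:
                print("[-] Invalid sample filter: %s" % err)
                return
            # A list, string or number is a valid literal but not a query
            # document; reject it here instead of failing inside the driver.
            if not isinstance(query, dict):
                print("[-] Sample filter must be a dictionary.")
                return
            query_results = mongo_find(settings.COL_SAMPLES, query, {'md5': 1})
            sample_list = [(sample["md5"], str(sample["_id"]))
                           for sample in query_results]
            if opts.verbose:
                self.print_sample_stats(sample_list, opts.sample_filter)
        if opts.md5:
            # Given an MD5 we have to get the sample ID.
            #
            # XXX: This should be extended so we can pass an MD5 of a PCAP.
            # The entire script also needs to have an option for ID, so we
            # can work with other object types that support services.
            obj = class_from_value('Sample', opts.md5)
            if not obj:
                print("[-] Unable to find object.")
                return

            sample_list = [(opts.md5, obj.id)]
            if opts.verbose:
                self.print_sample_stats(sample_list)
        if sample_list and service_list:
            self.run_services(service_list, sample_list, opts.verbose, opts.force)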
Beispiel #4
def prep_audit_log():
    """
    Bring every audit-log entry up to the latest schema version.

    Each entry gets ``schema_version`` set to
    ``AuditLog._meta['latest_schema_version']``. Entries that carry a
    ``date`` which is not already a ``datetime.datetime`` have it parsed
    into one; the number of such conversions is printed at the end.
    """

    print("Adjusting Audit Log Dates...")
    col = settings.COL_AUDIT_LOG
    latest_version = AuditLog._meta['latest_schema_version']
    converted = 0
    for entry in mongo_find(col, {}):
        update = {'schema_version': latest_version}
        if 'date' in entry:
            stored = entry['date']
            if isinstance(stored, datetime.datetime):
                # Already a datetime: written back unchanged.
                update['date'] = stored
            else:
                # NOTE(review): parse is presumably dateutil's parser. With
                # fuzzy=True it skips tokens it does not recognise, so a
                # malformed value can become a plausible-looking timestamp
                # without any warning. The original value is overwritten;
                # for an audit trail, consider recording it before the
                # update.
                update['date'] = parse(stored, fuzzy=True)
                converted += 1
        mongo_update(col, {'_id': ObjectId(entry['_id'])}, {'$set': update})
    print("Fixed %s audit log entries!\n" % converted)
Beispiel #5
def prep_audit_log():
    """
    Migrate audit-log entries: stamp the latest schema version on each one
    and turn non-datetime ``date`` values into ``datetime.datetime``.

    Prints the number of entries whose ``date`` had to be parsed.
    """

    print("Adjusting Audit Log Dates...")
    col = settings.COL_AUDIT_LOG
    schema_version = AuditLog._meta['latest_schema_version']
    cursor = mongo_find(col, {})
    reparsed = 0
    for record in cursor:
        fields = dict(schema_version=schema_version)
        if 'date' in record:
            needs_parsing = not isinstance(record['date'], datetime.datetime)
            if needs_parsing:
                # NOTE(review): fuzzy=True makes the parser tolerant of
                # surrounding text (assuming parse is dateutil's), which also
                # means a corrupted timestamp may be accepted rather than
                # rejected. These are audit records, so verify the converted
                # dates against the originals after the migration.
                fields['date'] = parse(record['date'], fuzzy=True)
                reparsed += 1
            else:
                fields['date'] = record['date']
        selector = {'_id': ObjectId(record['_id'])}
        mongo_update(col, selector, {'$set': fields})
    print("Fixed %s audit log entries!\n" % reparsed)
Beispiel #6
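    def run(self, argv):
        """
        Command-line entry point: choose services and samples from the
        options in *argv* and run the former against the latter.

        ``-t``/``-e`` take precedence over ``-s`` when picking services.
        ``-f`` selects samples with a query dictionary and ``-m`` selects a
        single sample by MD5; ``-m`` overrides the ``-f`` results when both
        are present. Nothing is run unless both a service list and a sample
        list end up non-empty.

        :param argv: argument list passed to ``OptionParser.parse_args``.
        :returns: None. An unusable ``-f`` value or an MD5 that resolves to
                  no object prints a message and returns without running
                  any service.
        """
        parser = OptionParser()
        parser.add_option('-l', '--list', dest='list_services',
                          action='store_true', default=False,
                          help='List available services')
        parser.add_option('-t', '--triage', dest='triage',
                          action='store_true', default=False,
                          help='Run all triage services')
        parser.add_option('-e', '--enabled', dest='enabled',
                          action='store_true', default=False,
                          help='Run all enabled services')
        parser.add_option('-s', '--services', dest='services',
                          help='Service list')
        parser.add_option('-v', '--verbose', dest='verbose',
                          action='store_true', default=False,
                          help='Verbose mode')
        parser.add_option('-f', '--filter', dest='sample_filter',
                          help='Sample query filter')
        parser.add_option('-m', '--md5', dest='md5', help='md5 of sample')
        parser.add_option('-F', '--force', dest='force',
                          action='store_true', default=False,
                          help='Force run')
        (opts, _unused) = parser.parse_args(argv)

        service_list = []
        sample_list = []
        if opts.list_services:
            self.list_available_services()

        if opts.triage or opts.enabled:
            service_list = self.get_service_list(opts.triage, opts.enabled)
            if opts.verbose:
                self.print_running_services(service_list)
        elif opts.services:
            service_list = opts.services.split(',')
            if opts.verbose:
                self.print_running_services(service_list)

        if opts.sample_filter:
            # The filter is parsed with literal_eval, which evaluates
            # literals only and cannot run code. It does not restrict what
            # the resulting query contains: the dictionary goes to
            # mongo_find as-is, so the option is for trusted operators only.
            try:
                query = ast.literal_eval(opts.sample_filter)
            except (ValueError, SyntaxError, TypeError) as err:
                print("[-] Invalid sample filter: %s" % err)
                return
            if not isinstance(query, dict):
                # Valid literal, but not a query document.
                print("[-] Sample filter must be a dictionary.")
                return
            query_results = mongo_find(settings.COL_SAMPLES, query, {'md5': 1})
            sample_list = [(sample["md5"], str(sample["_id"]))
                           for sample in query_results]
            if opts.verbose:
                self.print_sample_stats(sample_list, opts.sample_filter)

        if opts.md5:
            # Given an MD5 we have to get the sample ID.
            #
            # XXX: This should be extended so we can pass an MD5 of a PCAP.
            # The entire script also needs to have an option for ID, so we
            # can work with other object types that support services.
            obj = class_from_value('Sample', opts.md5)
            if not obj:
                print("[-] Unable to find object.")
                return

            sample_list = [(opts.md5, obj.id)]
            if opts.verbose:
                self.print_sample_stats(sample_list)

        if sample_list and service_list:
            self.run_services(service_list, sample_list, opts.verbose,
                              opts.force)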